This method allows password-based authentication without exposing the password to the server. Instead, the client and server exchange cryptographic proofs to demonstrate of knowledge of the password while revealing nothing useful to an attacker or compromised endpoint.

This is experimental, work-in-progress code and is presently compiled-time disabled (turn on -DJPAKE in Makefile.inc).

Log message: - stevesk [at] cvs 2008/11/04 19:18:00 [readconf.c] because parse_forward() is now used to parse all forward types (DLR), and it malloc's space for host variables, we don't need to malloc here. fixes small memory leaks.

previously dynamic forwards were not parsed in parse_forward() and space was not malloc'd in that case.